Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:network:wifi:wifiextenders:bridgedap [2024/06/24 09:05] – Title bluewavenet | docs:guide-user:network:wifi:wifiextenders:bridgedap [2024/09/30 13:33] – [Populate Hostnames in Associated Stations] Improve command dpawlik | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | < | + | < |
| - | {{: | + | {{: |
| </ | </ | ||
| - | ====== Wi-Fi Extender/ | + | ====== Wi-Fi Extender/ |
| - | Bridged AP is to extend | + | Bridged AP configuration will use your wireless |
| - | OpenWrt bridges the LAN network with the WLAN of the device in Access Point mode. The advantage of bridging is that broadcast traffic from Wireless | + | OpenWrt bridges the LAN network with the WLAN of the device in Access Point mode. The advantage of bridging is that broadcast traffic from wireless |
| - | + | ||
| - | This document outlines | + | |
| - | + | ||
| - | //Note: This recipe results in a bridged LAN that will work fine for home and small networks. It is similar to the "Dumb AP" recipe at [[docs: | + | |
| ===== Configuration ===== | ===== Configuration ===== | ||
| Line 33: | Line 29: | ||
| option dns 192.168.1.1 | option dns 192.168.1.1 | ||
| </ | </ | ||
| - | This IP address | + | This must be an // |
| ==== Step 2: Configure and enable the wireless network ==== | ==== Step 2: Configure and enable the wireless network ==== | ||
| Line 52: | Line 48: | ||
| ==== Step 3: Disable dnsmasq ==== | ==== Step 3: Disable dnsmasq ==== | ||
| - | | ''/ | + | service |
| + | service dnsmasq stop | ||
| ==== Step 4: Connect host router and openwrt router correctly ==== | ==== Step 4: Connect host router and openwrt router correctly ==== | ||
| - | Ensure the host router is connected with a lan port of the openwrt, not the wan port! | + | Ensure the host router is connected with a LAN port of the wireless AP, not the WAN port! |
| - | ===== Apply changes | + | ==== Apply changes ==== |
| - | Enable the new wireless network. | + | Enable the new wireless network |
| - | <code bash> | + | wifi |
| - | root@OpenWrt:~# ifup wifi | + | |
| - | root@OpenWrt:~# wifi | + | ====== Wireless Access Point - Dumb Access Point - Examples ====== |
| + | |||
| + | This section describes in detail how to configure your device as a //wireless access point (AP)// connected to an existing network with a main router. This is often called a //dumb AP// since it will not perform duties such as routing, firewall, DHCP, or DNS, as these would be performed by the router or other device. | ||
| + | |||
| + | This is commonly used to add additional wireless coverage to an existing network, maybe on a different floor or to cover a dead zone. This setup is sufficient for small home or office network, but for larger networks a more sophisticated approach is often used. | ||
| + | |||
| + | <WRAP box> | ||
| + | Overview of configuration for a Wireless AP: | ||
| + | - The wireless AP is connected LAN-to-LAN to the router by some means e.g. ethernet, 802.11s mesh, etc. | ||
| + | - The wireless AP bridges its SSID wireless interface to its LAN bridge interface. WiFi traffic goes to its bridge LAN interface, then to the main router. | ||
| + | - The wireless AP bridge LAN may have either a static or DHCP address on the same subnet as the main router bridge LAN interface. | ||
| + | - The wireless AP gateway IP address is set to the address of the main router, either in the configuration or by DHCP. | ||
| + | - The wireless AP does not provide services such as DHCP, DNS, or firewall as this is done on the main router or other device. | ||
| + | </ | ||
| + | |||
| + | {{section> | ||
| + | |||
| + | ===== Configuration via LuCI ===== | ||
| + | |||
| + | These instructions refer to the interface found in OpenWrt | ||
| + | |||
| + | This setup requires two routers, a computer with an Ethernet port, and an Ethernet cable. We refer to the routers as the //main router// and the //wireless AP// and we assume default settings on both. The main router should already be properly configured and connected to the Internet. | ||
| + | |||
| + | Disconnect the wireless AP from your network.\\ | ||
| + | Use an Ethernet cable to connect your computer to one of the LAN ports (not the // | ||
| + | If you use a notebook, turn off WiFi while configuring to only have a wired IP connection to your "to be" configured wireless AP.\\ | ||
| + | From a browser, navigate to LuCI by going to http:// | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Go to //Network -> Interfaces// | ||
| + | |||
| + | {{: | ||
| + | |||
| + | It is easiest to configure the wireless AP to use DHCP to obtain an address from the main router,\\ | ||
| + | but this guide will show how configure a static IP address too.\\ | ||
| + | |||
| + | Assign the wireless AP an IP address.\\ | ||
| + | By default, the main router will have an address of 192.168.1.1, | ||
| + | The address should be on the same subnet as your main router, but out of the DHCP range used when assigning addresses to connected devices.\\ | ||
| + | By default, that means the wireless AP router IP should be between 192.168.1.2 and 192.168.1.100.\\ | ||
| + | When adding multiple wireless APs, you could use 192.168.1.3, | ||
| + | Save and apply the new IP address. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | A warning screen will appear because you changed the routers IP to 192.168.1.2. Click "Apply and keep settings" | ||
| + | |||
| + | Navigate back to the address you assigned in the previous step (e.g. http:// | ||
| + | Make sure your browser uses the new IP address you assigned in the previous step.\\ | ||
| + | Why? Because in the next step, the gateway needs to be changed to point to the main router, and LuCI will not allow you to change the gateway to 192.168.1.1 while the wireless AP router is using that IP address.\\ | ||
| + | If things are not working as expected, unplug the network cable from your computer for 10 seconds and plug in again. The currently still active DHCP server on your wireless AP will then reassign an IP to you.\\ | ||
| + | |||
| + | Login to your router and go back to //Network -> Interfaces//, | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Change the IPv4 gateway to your main router, 192.168.1.1 by default. This sets the wireless AP router to use the main router for Internet access.\\ | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Use the main router (192.168.1.1) for DNS. Same page but the //Advanced Settings// tab. Enter the IP of your main router in the //Use custom DNS servers// field and click //+//. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Use the main router for DHCP (and disable DHCP for the Wireless AP). Same page again, now the //DHCP Server// tab. Ensure the //Ignore interface// checkbox is checked.\\ | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Disable IPv6 DHCP. Same page, //DHCP Server// tab, click on the //IPv6 Settings// sub-tab. Set the // | ||
| + | In versions of OpenWrt prior to 21.02: | ||
| + | Click " | ||
| + | |||
| + | {{: | ||
| + | |||
| + | On the " | ||
| + | The most important steps are done, your wireless AP works!\\ | ||
| + | |||
| + | Read next steps for some fine tuning, enabling WLAN, or adding a Guest Network: | ||
| + | |||
| + | If you plan to add a " | ||
| + | |||
| + | * To save resources on the wireless AP, disable unused services. Navigate to System -> Startup. Disable the services labeled // | ||
| + | * Remove or disable the //WAN// and //WAN6// interfaces. On the //Network -> Interfaces// | ||
| + | * Note that by default OpenWrt does not enable wireless access. So, from a default installation, | ||
| + | * Click the //Save and Apply// button. | ||
| + | |||
| + | Use an Ethernet cable to connect one of the LAN ports on your main router to one of the LAN ports (**not** the // | ||
| + | You may need to reboot either or both routers, the device connecting your main router to the Internet, and potentially any connected devices. In many cases this will not be necessary.\\ | ||
| + | Done!\\ | ||
| + | |||
| + | ===== Configuration via Command Line ===== | ||
| + | |||
| + | The changes below assume an OpenWrt default configuration, | ||
| + | |||
| + | * [[docs: | ||
| + | * [[docs: | ||
| + | |||
| + | ==== Step 1: Modify the Network ==== | ||
| + | |||
| + | Edit ''/ | ||
| + | |||
| + | === For switch-less devices, e.g. Alix Board, wr1043nd v2 === | ||
| + | |||
| + | On switchless devices, simply bridge all ethernet interfaces together, remove the existing WAN interface - if any. | ||
| + | |||
| + | < | ||
| + | config interface lan | ||
| + | option type ' | ||
| + | option ifname | ||
| + | option proto ' | ||
| </ | </ | ||
| + | |||
| + | === For devices with switch and dedicated WAN, e.g. WNDR3700, WR1043ND v1, WR741ND v2.4 === | ||
| + | |||
| + | On devices with a separate WAN interface, bridge the LAN VLAN together with the WAN interface, remove the existing WAN interface - if any. | ||
| + | |||
| + | < | ||
| + | config interface lan | ||
| + | option type ' | ||
| + | option ifname | ||
| + | option proto ' | ||
| + | </ | ||
| + | |||
| + | Switch configuration on WR1043ND (barrier breaker). | ||
| + | |||
| + | < | ||
| + | config switch_vlan | ||
| + | option device ' | ||
| + | option vlan ' | ||
| + | option ports '0 1 2 3 4 5t' | ||
| + | |||
| + | #config switch_vlan | ||
| + | # | ||
| + | # | ||
| + | # | ||
| + | </ | ||
| + | |||
| + | === For devices with switch only, e.g. WRT54GL === | ||
| + | |||
| + | On devices where WAN and LAN are separated by switch config, reconfigure the LAN VLAN to cover all ports, | ||
| + | remove the existing WAN interface and its related VLAN - if any. | ||
| + | |||
| + | < | ||
| + | config switch_vlan eth0_1 | ||
| + | option vlan ' | ||
| + | option ports '0 1 2 3 4 5t' # Might vary depending on the device | ||
| + | |||
| + | config interface lan | ||
| + | option type ' | ||
| + | option ifname | ||
| + | option proto ' | ||
| + | </ | ||
| + | |||
| + | === Switch and dedicated WAN devices post 21.01 === | ||
| + | The syntax is slightly different for these devices. You will notice that there is a config device which lists the ethernet port(s) assigned to an interface (in this case the br-lan). It will also list the assigned port under the "list ports" clause. The gotcha here is that you must add a separate line for each "list ports" added to a device. If you try to add them to one "list ports" entry space or comma separated it will not work properly. Finally you can remove/ | ||
| + | < | ||
| + | option name ' | ||
| + | option type ' | ||
| + | list ports ' | ||
| + | list ports ' | ||
| + | |||
| + | config interface ' | ||
| + | option device ' | ||
| + | option proto ' | ||
| + | option netmask ' | ||
| + | option ipaddr ' | ||
| + | </ | ||
| + | |||
| + | ==== Step 2: Change the existing wireless network ==== | ||
| + | |||
| + | Edit ''/ | ||
| + | |||
| + | < | ||
| + | config ' | ||
| + | option type ' | ||
| + | option channel ' | ||
| + | option macaddr ' | ||
| + | option htmode | ||
| + | list ht_capab | ||
| + | list ht_capab | ||
| + | list ht_capab | ||
| + | list ht_capab | ||
| + | list ht_capab | ||
| + | |||
| + | config ' | ||
| + | option device | ||
| + | option network ' | ||
| + | option mode ' | ||
| + | option ssid ' | ||
| + | option encryption ' | ||
| + | option key ' | ||
| + | </ | ||
| + | |||
| + | ==== Step 3: Disable DHCP Server ==== | ||
| + | |||
| + | If you still need dnsmasq running for something else (e.g. TFTP server) you can do: | ||
| + | < | ||
| + | uci commit dhcp | ||
| + | / | ||
| + | |||
| + | If not disable dnsmasq service: | ||
| + | < | ||
| + | / | ||
| + | |||
| + | ==== Step 4: Disable DHCPv6 Server ==== | ||
| + | |||
| + | Disable [[docs: | ||
| + | < | ||
| + | uci set dhcp.lan.ra=disabled | ||
| + | uci commit | ||
| + | </ | ||
| + | |||
| + | Or disable service: | ||
| + | < | ||
| + | / | ||
| + | |||
| + | ==== Step 5: Disable Firewall ==== | ||
| + | |||
| + | < | ||
| + | / | ||
| + | |||
| + | ==== Step 6: Disable wpa_supplicant (if no STA WiFi interfaces) ==== | ||
| + | |||
| + | < | ||
| + | |||
| + | ==== Apply changes ==== | ||
| + | |||
| + | Reloading the network config should be enough, it should automatically restart if necessary. Alternatively, | ||
| + | |||
| + | < | ||
| + | |||
| + | ===== IPv6 ===== | ||
| + | If you would like your AP to receive IPv6 as a host only and not for routing you have to tell the DHCPv6 client not to request prefix delegation. | ||
| + | If you do not do this the AP will reject basic IPv6 addresses. | ||
| + | If you want to still be able to use IPv6 on the router itself change the '' | ||
| + | |||
| + | < | ||
| + | config interface ' | ||
| + | option proto ' | ||
| + | option ifname ' | ||
| + | option reqprefix ' | ||
| + | </ | ||
| + | |||
| + | ===== Disable Daemons Persistently ===== | ||
| + | Note that although the start-up of daemons such as firewall, dnsmasq, wpa_supplicant and optionally odhcpd have been set to disabled, when a new image is flashed to the device, they will be re-enabled. To work-around this, simply add the following to ''/ | ||
| + | < | ||
| + | # these services do not run on dumb APs | ||
| + | for i in firewall dnsmasq odhcpd; do | ||
| + | if / | ||
| + | / | ||
| + | / | ||
| + | fi | ||
| + | done | ||
| + | |||
| + | rm / | ||
| + | </ | ||
| + | |||
| + | ===== Populate Hostnames in Associated Stations ===== | ||
| + | Dumb APs will not have the data to display hostnames of the associated devices. | ||
| + | |||
| + | On the router, one can extract these data with the following one-liner: | ||
| + | < | ||
| + | < dhcp.leases | awk ' | ||
| + | # or | ||
| + | awk '$4 != " | ||
| + | </ | ||
| + | |||
| + | See the following discussion threads for additional approaches: | ||
| + | * Using fping to populate ethers file: https:// | ||
| + | * An improved fping approach: https:// | ||
| + | * Propagating dhcp.leases to secondary (dumb) access points: https:// | ||
| + | |||
| + | ===== Multicast ===== | ||
| + | |||
| + | DLNA and UPnP clients, and printer or SMB discovery protocols tend to work by using multicast packets. For example PlayStation, | ||
| + | |||
| + | On WiFi the //slowest// modulation available is used for multicast packets (so that everyone can hear them). If you have " | ||
| + | |||
| + | There are two possible fixes for this, one is to //enable// multicast snooping: '' | ||
| + | |||
| + | ===== External Videos ===== | ||
| + | |||
| + | Several videos are available on the topic which may be useful for background information.\\ | ||
| + | Bare in mind they are somewhat outdated and generally do not take into account everything. | ||
| + | |||
| + | Using OpenWrt v21 with DSA example: | ||
| + | |||
| + | {{youtube> | ||
| + | |||
| + | Two videos which are outdated but explain firewall and APs: | ||
| + | |||
| + | {{youtube> | ||
| + | {{youtube> | ||
| + | |||
| + | WiFi roaming is much improved in newer mobile devices so configuring Fast Roaming, aka 802.11r, may not be required.\\ | ||
| + | This video can be misleading as 802.11r has nothing to do with mesh networking. | ||
| + | {{youtube> | ||
| + | |||
| + | ===== Notes ===== | ||
| + | |||
| + | - Dumb AP wireless can be configured to control access via Open/ | ||
| + | - Static DHCP is not covered here. This procedure creates an AP that provides wired/ | ||
| + | - Firewall bridge mode support in OpenWrt is provided by the [[packages: | ||
| + | |||